Additional Materials:

Contact:

ActioNet, Inc., of Vienna, Virginia, protests the issuance of a task order to Phacil, Inc., of Arlington, Virginia, under request for proposals (RFP) No. W912DY-13-R-0032, issued by the Department of the Army, Corps of Engineers, for support services for the High Performance Computing Modernization Program (HPCMP). This competition was conducted among firms holding one of the General Services Administration's (GSA) 8(a) STARS II contracts. ActioNet challenges the agency's technical evaluation and selection decision.

We deny the protest.

DOCUMENT FOR PUBLIC RELEASE
The decision issued on the date below was subject to a GAO Protective Order. This redacted version has been approved for public release.

Protest challenging an agency’s evaluation of proposals is denied where the evaluation was reasonable and consistent with the solicitation’s evaluation criteria.

DECISION

ActioNet, Inc., of Vienna, Virginia, protests the issuance of a task order to Phacil, Inc., of Arlington, Virginia, under request for proposals (RFP) No. W912DY-13-R-0032, issued by the Department of the Army, Corps of Engineers, for support services for the High Performance Computing Modernization Program (HPCMP). This competition was conducted among firms holding one of the General Services Administration’s (GSA) 8(a) STARS II contracts.[1] ActioNet challenges the agency’s technical evaluation and selection decision.

We deny the protest.

BACKGROUND

The RFP contemplated the issuance of a fixed-price task order for a base year and four option years for support services for the HPCMP. A detailed performance work statement (PWS) was provided that described support requirements for the HPCMP. PWS at 1-45. Among other things, the task order contractor would be required to provide security support in accordance with applicable Department of Defense regulations “in all areas of personnel, physical, operations, communications, information and information systems security.” See PWS at 19-22, 36. In particular, the contractor would provide support in accordance with Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01B and the Computer Network Defense Service Provider (CNDSP) Evaluator’s Scoring Metrics, version 8 (ESM).[2] PWS at 20-21, 36. In this regard, CJCSM 6510.01B provides a detailed description of computer defense protection services requirements by functional area, and the ESM provides scoring metrics for various computer network defense support services. See. e.g., CJCSM 6510.01B, encl. A, at 6-9; ESM at 8‑106.

Offerors were informed that the task order would be issued on a best-value basis, considering technical, past performance and cost/price factors. RFP at 4-8, 10. The technical factor, which was the most important, was divided into subfactors as follows: technical management and approach, technical qualifications, and transition/ phase-in. Id. The past performance factor was considered slightly less important than the technical factor, and the technical and past performance factors, combined, were significantly more important than price. RFP at 10.

Instructions for the preparation of proposals under each factor and subfactor were provided. As relevant here with respect to the technical qualifications subfactor, offerors were instructed to provide a comprehensive description of each team member’s significant capabilities and corporate experience with respect to the PWS requirements. Id. at 6. The RFP also instructed offerors to clearly delineate the correlation between identified capability and corporate experience and to identify the specific PWS functional areas to which such capability/experience applied. Id.

The Corps received six proposals, including ActioNet’s and Phacil’s. The agency provided offerors with discussions and clarifications, and answered a number of questions from offerors. As relevant here, the Corps informed ActioNet of the following weakness in its proposal under the technical qualifications subfactor:

Offeror describes experience managing CNDSP/[computer emergency response team] functions described in the PWS, but does not identify experience in performing the technical functions. This poses a risk to the Government, as established organizations typically require a year or more to train personnel to execute CNDSP functions at the highest level.

AR, Tab 4, ActioNet Discussions Letter, at 2.

Final proposal revisions were received and evaluated. ActioNet’s and Phacil’s revised proposals were evaluated as follows:

Technical

Past Performance

Cost/Price

ActioNet

Outstanding

Substantial Confidence

$53.9 million

Phacil

Outstanding

Substantial Confidence

$55.7 million

AR, Tab 7b, Final Evaluation Report, at 3.

The agency’s adjectival ratings were supported by narrative discussions that identified each of the vendor’s respective significant strengths, strengths, and weaknesses under each factor. With respect to Phacil’s outstanding technical rating, the evaluators noted that the firm’s proposal had two significant strengths, six strengths and no weaknesses. Id. at 13-14. ActioNet’s technical proposal was also rated outstanding, receiving one significant strength, six strengths, and one weakness. Id. at 7-8. ActioNet’s weakness was assessed under the technical qualifications subfactor based upon the evaluators’ judgment that ActioNet had failed to demonstrate experience in various specialized CNDSP functions, such as computer network defense red teams,[3] malware protection, and technology development/ implementation. Id. at 8.

The evaluation results were provided to the agency’s source selection authority (SSA), who compared the relative merits of the proposals of the three highest-rated offerors (including Phacil and ActioNet) in a best-value analysis. AR, Tab 7a, Source Selection Decision, at 12-14. The SSA noted that, although Phacil’s and ActioNet’s proposals received the same ratings under the technical and past performance factors, Phacil’s proposal was evaluated as having no weaknesses and more significant strengths and strengths than ActioNet’s proposal, whereas ActioNet’s proposal had a weakness. Id. at 13-14. The SSA considered the impact of the specific weakness and concluded that ActioNet’s failure to demonstrate experience in certain specialized functions created a risk for the agency because “obtaining and training individuals to meet CNDSP level (III) is expensive.” Id. The SSA also noted that one of Phacil’s significant strengths (the use of a “Big Data trend analysis”) would create efficiencies within the HPCMP that could be quantified at a value of $2.5 million over the 5-year term of the task order. Id. at 13. The SSA decided that Phacil’s technical advantages and lower risk outweighed ActioNet’s approximately $1.8 million lower price, even though both proposals received the same overall ratings.[4]Id. at 20-21.

The task order was issued to Phacil, and this protest following a debriefing.

DISCUSSION

ActioNet raises numerous challenges to the agency’s evaluation and selection decision. We have considered all of the ActioNet’s arguments in resolving the protest, although we only discuss its primary arguments, and find that none provide a basis to object to the agency’s evaluation or source selection.

The protester argues that the agency acted unreasonably in assessing a weakness in its proposal for failing to demonstrate experience for certain specialized CNDSP functions, because the solicitation did not require offerors to demonstrate such experience. ActioNet argues that, in any event, its initial and revised proposals sufficiently demonstrated its experience in these specialized technical functions required by the RFP. Protester’s Comments at 25‑27.

The agency responds that the RFP required offerors to provide a comprehensive description of their significant capabilities and corporate experience to perform the PWS requirements. AR at 10, citing RFP at 6. The agency notes that the PWS incorporated the CJCSM and ESM, which set forth these functional requirements. AR at 10-12. The Army specifically disagrees that ActioNet’s proposal addressed the firm’s experience with respect to computer network defense red teams, malware protection, and technology development and implementation. Id.

In reviewing a procuring agency’s evaluation of an offeror’s technical proposal, our role is limited to ensuring that the evaluation was reasonable and consistent with the terms of the solicitation and applicable statutes and regulations. Panacea Consulting, Inc., B-299307.4, B-299308.4, July 27, 2007, 2007 CPD ¶ 141 at 3. Our Office will not question an agency’s evaluation judgments absent evidence that those judgments were unreasonable or contrary to the stated evaluation criteria. Kay & Assocs., Inc., B-291269, Dec. 11, 2002, 2003 CPD ¶ 12 at 4. A protester’s disagreement with an agency’s judgment is not sufficient to establish that an agency acted unreasonably. Entz Aerodyne, Inc., B-293531, Mar. 9, 2004, 2004 CPD ¶ 70 at 3.

Here, the solicitation required offerors to describe their corporate experience with respect to the requirements of the PWS. See RFP at 6. As noted by the agency, the PWS incorporated CJCSM 6510.01B and the ESM, which specify various specialized CNDSP functions for which the contractor must provide support services.[5]See CJCSM 6510.01B, encl. A, at 7, and ESM, at 19, 24, and 89. For example, the CJCSM identifies protection services such as “Malware Protection Support,” “red teaming,” and capability sustainment services such as “[computer network defense] Technology Development, Evaluation, and Implementation,” as functions that must be supported by a computer network defense service provider. See CJCSM 6510.01B, encl. A, at 6-7. Although these references may not have required that offerors be able to perform all of these functions (such as red teaming) themselves, they were on notice that they needed to indicate their experience in interacting with those that do, and to have processes and procedures in place for providing support for these functions. Thus, contrary to ActioNet’s arguments, we find that offerors were informed that they should describe their capabilities and experience with respect to these specialized functions.

We also do not agree with ActioNet that its proposal, as submitted and as revised, adequately addressed its experience with respect to computer network defense red teams, malware protection, and technology development and implementation. Our review of ActioNet’s initial proposal indicates that the protester provided virtually no description of any experience concerning the security support referenced in the PWS. For example, the proposal merely states: [deleted]. See, e.g., AR, Tab 3, Protester’s Initial Proposal, Factor 1: Technical: Element 2, at 16. After discussions, the protester added three paragraphs to this section, but without much more specificity. For example, the ActioNet’s revised proposal states that a team member’s employees [deleted]. Tab 6, Protester’s Final Proposal Revision, Factor 1: Technical: Element 2, at 18. This revised proposal, however, does not mention, much less discuss, ActioNet’s experience with respect to computer network defense red teams, malware protection, and technology development and implementation. Although the protester disagrees with the agency’s judgment, this is not sufficient to establish that an agency acted unreasonably. Entz Aerodyne, Inc., supra.

The protester also complains that the agency’s discussions with it were not specific enough to inform ActioNet of the agency’s concern that ActioNet had failed to sufficiently describe its experience with respect to computer network defense red teams, malware protection, and technology development/ implementation. Protest at 25-26. It is a fundamental precept of negotiated procurements that discussions, when conducted, must be meaningful, equitable, and not misleading. 10 U.S.C. § 2305(b)(4)(A)(i) (2006); Federal Acquisition Regulation (FAR) § 15.306(d)(1), (3) (2013); IT Facility Servs.-Joint Venture, B-285841, Oct. 17, 2000, 2000 CPD ¶ 177 at 10. For discussions to be meaningful, they must lead offerors into the areas of their proposals requiring amplification or revision. While the discussions should be as specific as practical considerations will permit, the agency is not required to “spoon-feed” a vendor as to each and every item that could be revised so as to improve its proposal, however. IT Facility Servs.-Joint Venture, supra.

Here, the Corps informed ActioNet that it had “not identif[ied] experience in performing the technical functions” of the CNDSP services, and referenced PWS § 4.10.3, which extensively addresses CNDSP services, and cites CJCSM 6510.01B. AR, Tab 4, ActioNet Discussions Letter, at 2. This statement was sufficient to communicate that the agency had found that ActioNet’s general description in its initial proposal of its experience was insufficient to demonstrate experience as to the specific functions cited in the CJCSM and the ESM. Thus, the discussion letter led the protester directly to the agency’s area of concern. We also note that the agency considered ActioNet’s failure to identify this experience to be a weakness, and not a deficiency or significant weakness. Under the circumstances, there was no requirement for the agency to identify each specific technical function that ActioNet should have addressed. The precise content of discussions is largely a matter of the contracting officer’s judgment, and discussions are only required to address deficiencies and significant weaknesses identified in the proposal. FAR §15.306(d)(3).

Moreover, the record does not establish a reasonable possibility of prejudice even were we to accept ActioNet’s arguments. ActioNet does not state that it would have provided any further information in response to more specific discussions or demonstrated experience in these specialized CNDSP functional areas. Rather, the protester contends that its initial proposal and revised proposal sufficiently addressed these areas. See Protester’s Comments at 25-27. As noted above, we do not agree with ActioNet in this regard. In the absence of some statement from ActioNet that it would have provided competitively useful information in response to more specific discussions, we find no reasonable possibility of prejudice in this area. SeeMicroeconomic Applications, Inc., B‑258633.2, Feb. 14, 1995, 95-1 CPD ¶ 82 at 10‑11.

ActioNet also challenges the agency’s evaluation of Phacil’s proposal, complaining that the Corps evaluated Phacil’s offer to use a “Big Data trend analysis” as a significant strength, where the solicitation did not require such an analysis. Protest at 23-25; Protester’s Comments at 28-30.

The Corps agrees that the solicitation did not specifically require offerors to provide a Big Data trend analysis, but contends that Phacil’s offer to provide such an analysis was encompassed by, and increased the value of, the firm’s proposal with respect to the technical and management approach subfactor.[6] AR at 14. The evaluators found that Phacil’s offer of a Big Data trend analysis related to the firm’s approach to satisfying the following four PWS requirements: program outreach activities; systems performance metrics analysis and documentation; user requirement analysis and documentation; and resource allocation analysis. See AR, Tab 7b, Final Evaluation Report, at 13; PWS at 14-17.

The RFP advised offerors that the agency would evaluate their “capability to provide a sound technical and management approach to meet the requirements of the PWS and satisfy the needs outlined for each specific functional area.” RFP at 5. In this regard, the evaluators and the SSA described Phacil’s significant strength in this area as follows:

Offeror demonstrates an understanding of the relationship among resource allocation management, performance metrics, and user requirements, and how the interaction with users serves as a collection point for project success stories. Use of “Big Data trend analysis,” pattern recognition, and root cause analysis among these three task elements will allow significant relationships, including causal relationships, between various metrics to be captured by the program.

The SSA noted that Phacil’s offer to provide a Big Data trend analysis, although not required by the RFP, demonstrated the firm’s understanding “of the relationship among resource allocation management, performance metrics, and user requirements, and how the interaction with users serves as a collection point for project success stories.” AR, Tab 7a, Source Selection Decision, at 10. Although ActioNet apparently disagrees with the agency’s judgment in this regard, this disagreement does not show that the agency acted unreasonably.[7] We find reasonable the agency’s view that this feature of Phacil’s proposal provided a significant strength.

ActioNet also challenges the source selection decision, arguing that, because the firms’ proposals received identical technical and past performance ratings, ActioNet should have been selected to receive the task order based upon its lower price. Protest at 26-27; Protester’s Comments at 31-33. The protester’s focus on the ratings is misplaced, as point scores and adjectival ratings are but guides to, and not substitutes for, intelligent decision-making. See, e.g., Kellogg Brown & Root Servs., Inc., B-298694.7, June 22, 2007, 2007 CPD ¶ 124 at 5; TPL, Inc., B‑297136.10, B-297136.11, June 29, 2006, 2006 CPD ¶ 104 at 17. Here, the record shows that the agency appropriately looked beyond the adjectival ratings to consider the significance of the firms’ differing evaluated technical strengths.

ActioNet’s arguments provide no basis to disagree with the SSA’s judgment as to which firm’s proposal offered the best value.

The protest is denied.

Susan A. Poling
General Counsel

[1] The STARS II contracts are multiple-award, indefinite-delivery/indefinite-quantity contracts awarded by the GSA for various information technology services and service-based solutions.

[2] Although the RFP cited version A of CJCSM 6510.01, rather than version B, the protester and agency agree that version B is applicable.

[3] The CJCSM, in describing computer network defense protection services, states that “[p]rotection services are often proactive (e.g., red teaming, subscriber protection, and training) and may or may not result from a cyber incident.” CJCSM 6510.01B, encl. A, at 7. The ESM defines a red team as an independent and focused threat-based effort by an interdisciplinary, simulated adversary to expose and exploit vulnerabilities as a means to improve information systems security. See ESM at 19. The ESM also recognizes that, while there is no requirement for computer network defense service providers to have external assessment capabilities themselves, providers must coordinate with external assessment providers such as red teams. Id. at 19-20.

[4] As the value of this task order is in excess of $10 million, this procurement is within our jurisdiction to hear protests related to the issuance of task orders under multiple-award ID/IQ contracts. See 10 U.S.C. § 2304c(e)(1)(B) (2006); see also 41 U.S.C. § 4106(f)(1)(B) (2011).

[5] We note that a prior version (version A) of the CJCSM specifically provided for red teaming, whereas the current version (version B) replaces this requirement with “CND External Assessments,” which is also referenced in the ESM. CJCSM 6510.01B, encl. A, at 7; ESM at 19. These documents also include malware protection and CND technical development and implementation. Id.; ESM at 24, 89.

[6] “Big Data trend analysis” is Phacil’s approach to collecting and analyzing data to allow the firm to, among other things, optimize knowledge about the behavior of complex systems so that Phacil could “proactively maintain system capabilities at the level of [program management office]-mandated performance standards.” See Phacil Technical Proposal at 34.

[7] ActioNet also complains that the SSA concluded that Phacil’s offer of a Big Data trend analysis would create efficiencies that could save the agency $2.5 million over the 5-year term of the task order. Protester’s Comments at 30. ActioNet contends that such savings are speculative and illogical given that the RFP provided for the issuance of a fixed-price task order. We find no merit to ActioNet’s complaints in this regard. The Corps recognized Phacil’s fixed-price for performing the task order, and this was the price weighed in the SSA’s cost/technical tradeoff. The record shows that the agency was merely quantifying the value of Phacil’s proposed technical approach in assessing its merits.